Saturday, September 7, 2024
HomeCyber AttackMassive Surge in Cyber Attacks Targeting Real Estate and Utilities Organizations

Massive Surge in Cyber Attacks Targeting Real Estate and Utilities Organizations

Published on

Cyber attacks are becoming increasingly sophisticated as threat actors continuously evolve their tools and tactics. 

They leverage advanced technologies, use social engineering techniques, and collaborate in sophisticated cybercrime networks.

The real estate and utilities industries have seen a noticeable increase in intrusions over the last three months, according to the recent study report shared with the Cyber Security News (CSN) team from CYFIRMA.

- Advertisement - EHA

Past 90 Days in Numbers

Real estate and utilities appeared in 13 of the 59 observed campaigns, accounting for 22% of the total, lower than industries with greater appeal to nation-state threat actors.

Besides this, the Chinese cyber activity also surged with Barracuda ESG vulnerability use. However, no new real estate or utilities victims have been observed in these campaigns since then.

Attack count
Attack count (Source – Cyfirma)

Here below, we have mentioned all the involved threat actors:-

Threat actors
Threat actors (Source – Cyfirma)

Real estate and utilities draw both financially motivated and nation-state actors. Europe, potentially targeted by Russian-linked threat actors amid the Ukraine conflict, experiences the highest attack activity.

Geographical Distribution
Geographical Distribution (Source – Cyfirma)

Cyberattacks primarily target web applications and operating systems across industries, with instances of compromised VPN and application infrastructure.

Most attacked technologies
Most attacked technologies (Source – Cyfirma)

Phishing attacks

This report excludes internet service providers from the analysis, focusing instead on water and energy utilities. Phishing lures targeting utilities are highly localized, deterring threat actors seeking broader targets.

CYFIRMA’s telemetry detected only 42 phishing attacks targeting utilities and none related to real estate in the past 3 months, with a primary focus on broader phishing campaigns.

Global Distribution of Phishing Themes per Sector
Global Distribution of Phishing Themes per Sector (Source – Cyfirma)

Impersonated brands

Here below, we have mentioned all the real estate and utilities industry brands that are impersonated:-

  • Pkn Orlen
  • Swiss Office of Energy
  • ENEL Energia S.P.A
  • Polska Grupa Energetyczna

ASN telemetry revealed PKN Orlen phishing linked to the USA, while the Swiss Office of Energy had Swiss roots, and Italian Enel Energia and Polska Grupa Energetyczna traced back to German ASN, indicating an international PKN Orlen campaign versus local cybercriminals.

Attack origins
Attack origins (Source – Cyfirma)

CYFIRMA found 117 ransomware victims in real estate and utilities in the last 90 days, 7.4% of 1,579 incidents, with a sharp rise in August.

Lockbit3’s August surge leads, driven by Cl0p (+Torrents), while 8base with ALPHV and Akira maintain steady numbers. The top 5 gangs make up 59% of victims, but smaller groups still cause significant harm.

Major ransomware gangs
Major ransomware gangs (Source – Cyfirma)

Out of 45 active gangs, 29 targeted real estate and utilities, with Cl0p showing minimal interest in this sector.

Victims Targeted

The United States leads with 65 out of 112 victims, highlighting global ransomware threats that know no boundaries, as cyber attackers target vulnerable organizations worldwide.

Geographic Distribution Of Victims
Geographic Distribution Of Victims (Source – Cyfirma)

Nation-state APTs show limited interest in real estate and utilities, mainly focusing on energy, notably in Europe in the middle of the Ukraine-Russia conflict.

Real estate and utilities lack appeal for widespread phishing due to localized fragmentation. Lockbit3 is the top gang, while Cl0p has fewer victims in this industry. However, besides this, the real estate developers and construction businesses are the most affected sectors.

Protect yourself from vulnerabilities using Patch Manager Plus to quickly patch over 850 third-party applications. Take advantage of the free trial to ensure 100% security.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...

NoiseAttack is a Novel Backdoor That Uses Power Spectral Density For Evasion

NoiseAttack is a new method of secretly attacking deep learning models. It uses triggers...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

BBTok Abuses Legitimate Windows Utility Command Tool to Stay Undetected

Cybercriminals in Latin America have increased their use of phishing scams targeting business transactions...

Predator Spyware Exploiting “one-click” & “zero-click” Flaws

Recent research indicates that the Predator spyware, once thought to be inactive due to...

Tropic Trooper Attacks Government Organizations to Steal Sensitive Data

Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group,...